WLC & RADIUS Tutorial and Free PT Lab | Cisco CCNA 200-301

Video Statistics and Information

Video
Captions Word Cloud
Reddit Comments
Captions
[Music] and welcome everybody my name is Keith Barker welcome to the Keith Barker channel here on YouTube our focus is on the technologies surrounding cisco CCNA which is currently exam 200 301 but in four or five years maybe they'll have a new name I don't know in any case our focus today is Wireless radius and troubleshooting and so what I have is I have three objectives for our video today and one is to share with you the in a wireless environment with a wireless LAN controller how and where to go to the individual components to make it work you looking at the blueprint for the current exam and module one had wireless module two included wireless module five included Wireless and so I thought well let me go ahead and do a lab a packet tracer lab that will walk you through the paces of what you can practice with it hands-on with and also I'd like to share with you in a live environment those ingredients to really make it work because I've got some questions on that too is like how do I associate like a new wireless network with VLAN 20 on the local area network how do I link those together so I'd like to do is from super desert walk you through quickly how to do that and then introduce you to a troubleshooting lab so you can have some fun with that all right so without further ado also on trying out something new today I'm going to a bigger desktop I haven't dialed it okay so thanks for being part of my experiment today as I go to a bigger desktop and make sure everything's being seen alright so let's take a look at that desktop and this is simply a browser on this desktop and pop in a picture there there we go everybody and for this new packet tracer lab you simply go to the keith Barker comm and you just go down downloads and here is the one that I'm introducing today cisco PT packet tracer troubleshooting WLC wireless LAN controllers and radius which is a form of doing triple-a authentication authorization and accounting using a centralized server and we use the protocol called radius so we can call that device a radius server or a triple-a server or an antenna k ssin server it all is talking about the same animal all right so I've downloaded that I would encourage you to download that as well and at the end we'll go ahead and walk through or take a look at that troubleshooting scenario and I have a little surprise for you there as well okay let's take a look at that lab and here it is let me bring up my pen and I always often get a question what pen to use right on top of your screens I use epic pen it's very very affordable writes on top of everything and that's what I'll be using here today so the basic concept of wireless LAN controllers is we have some access points which are the radios that are sending and receiving signals back and forth between devices and then instead of managing those independently we have a controller WLC is an acronym for a wireless LAN controller and here's what happens when these guys boot up to be a DHCP or through a DNS lookup they discover who the wireless LAN controller is they build a really cool tunnel between themselves and that controller and then they say we're ready and the controller then hands out the information what frequencies should they use what Wireless VLAN identifier is SSID should they advertise and so forth and then when an employee authenticate so our summate connects the access point in what's called lightweight access configuration of access point configuration it doesn't do all the work it simply gets the signals from the wireless device sends them over the tunnel to the controller and then waits for the controllers say yes ok let them in or no don't let them in based on what the configuration is there on the controller also the controller if we have a used light Bob if we're using 802 dot 1x and simplifies authentication what we can do is we can have the wireless LAN controller when Bob puts in the right parameters including his information like user name and password and so forth when he authenticates with the access point that authentication request from the access point goes over to the controller and we can have a controller talk to a server so in this example this would be a triple a server triple a is a generic term or not the not the Automobile Association of America but rather the authentication authorization and accounting and so if we want to do our control there we can specify usernames and passwords or we can have a triple a server talk to Active Directory but in any case user like Bob when they log in lock you log in through any access point any controller because the centralized management of all those usernames and passwords are on the triple-a server so that triple-a server the wireless LAN controller is going to talk to it via radius and use the radius protocol to authenticate so those are the there's a lot that can go wrong here so let me share with you some of those details that might go wrong in order for the wireless LAN controller to talk to the triple-a server it's gonna need to have the right credentials to allow it them to talk to each other this Triple A server is gonna see the wireless LAN controller as a client and that client is gonna ask a is Bob you know are these right is this the right information for Bob can Bob login so the play-by-play would Bob would try to authenticate here the access point would set up to the controller the controller if we're using Triple A would send to the Triple A server the Triple A server would say yes or no that'd be fed back up to the access point which would then allow Bob access into the network okay so I thought to myself self this is a packet tracer troubleshooting lab I thought let me walk through I have a couple basic steps I thought I want to share with you how to do this it on a real wireless LAN controller and so what I have is this is so fun I'm gonna use this space over here because I have more room now what I have in my lab environment I've got a wireless LAN controller and it's virtualized face not yet though its virtualized meaning it's running in a hypervisor it's a virtualized Wireless time controller and then I've got connectivity over to it I switch I think this is important on the switch and what we're gonna do here this is important on the switch where you need two trunk on are not unpack of tracer because packet tracer has a few limitations but on a real wireless LAN controller and real switch we'd want a trunk here because maybe we have five VLANs or five SS IDs and we're associating those five different wireless networks with five different VLANs well if if Bob connects to a VLAN called say user Wi-Fi and that's associated with that's and so Bob associates with user Wi-Fi and that specific wife Wi-Fi network is associated with VLAN 20 we need to make sure that the wireless that controller as it forwards that traffic on behalf of that Wi-Fi network because all the traffic is going through the tunnel it's going to be tagged appropriately and sent for than 20 so this has to be a trunk on the switch has to be a trunk and on a real wireless down controller it's going to be doing tagging and so as we have as we configure our interfaces here I'll walk you through that here in a moment it's important we have tagging on the switch so I would say this for what I'd like to walk you through I've got VLANs 10 20 and 30 VLAN 10 is a user VLAN and VLAN 20 is a guest VLAN and been 30 is the VLAN I've got for like servers and controllers and such so one of the first things to do in a production environment if you're if you're saying this up with physical gear is to make sure that you have those VLANs created and you have a trunk on this switch port that's going to the wireless LAN controller so I thought what's the what's a really good way to demonstrate this and the answer is show you live so this is a switch wrong switch it is a switch but it's the wrong switch I need to go to switch a which is which is this switch by the way right there the one that's been in mothballs for a long time and I I dusted it off and got it set up and it's perfect for what we want to do here all right so this is the switch and it's called switch a there we go so I'm connected to switch a they're in the physical world and let's do a show interface trunk let's do show view them brief alright show VLAN brief that's what happens if you mash up two commands together so I've got here's all my access ports I have a whole bunch of carved-out yep I've got VLANs 4 10 20 30 40 and 50 great and I'm interested in code interface Runk I'm gonna make sure that VLAN RFA's 0 / 13 which is connected to my wireless access controller or my wireless LAN controller is a trunk and it is so it's currently a trunk it's allowing all these VLANs you don't have to allow all the VLANs you have in your environment but you want to allow the ones that you are going to support for wireless networks in this case I didn't put a filter on so by trunk trunking by default is allowing all of you then great check done secondly we would want to make sure we have configured appropriately the wireless LAN controller so I have a virtual wireless LAN controller somewhere somewhere out of all these tabs I think it's in Merriam it's up here so here's the login page now in the packet tracer lab which you have the opportunity to download and do the username is admin and the password is capital C is Co exclamation mark 2 3 and I will put that here as well oh that's a one-two-three now that's why I'm writing it out Cisco exclamation mark 2 3 is the password and anywhere in the packet tracer lab I use the password that's it that way it won't be a password guessing game it'll just be oh that's the house we're using also in packet tracer when you type in admin and the password and you press ok or press Enter packet tracer doesn't realize you're trying to click that button so you can do it here on live gear but in packet tracer put in the username and put in the password and then click OK don't just press Enter otherwise it gives you invalid password that's many hours of your life you don't have to write I know I set that password up I knows it so just click on enter also there's a separate video that I have where I demonstrate creating a packet tracer that from scratch with the wireless LAN controller and the access points and connecting clients that's in the master playlist too if you want to check that out so feel free to take a look at that alright let me clear that off let me click on OK and I guess I timed out Cisco exclamation mark 2 3 with the capital C at the beginning all right no the this is an eval I downloaded this from Cisco and if you need this image I cannot supply it but they have evals that some are downloadable some are not baby this I just got this a few days ago downloaded it and I'm running it inside of a hypervisor which is a fancy way for saying a machine that can run other virtual machines I'm using VMware Workstation for this and this is how it pops up at the beginning but this isn't the interface that most people are used to if they've worked with packet tracer all you need is a pair on the right just click on advanced and my face is in the way let me get that out of the way there you go so just click on advanced right here and then you have the same old look and feel that you would normally and they make my font just a little bit bigger here there we go make sure it's readable all right so this is the wireless LAN controller interface I've got a self-signed certificate on it and that's why that's showing up it's a certificate air up there also there's a service port which you can use to connect to it for management and then there's also all the other interfaces so ok on the wireless LAN controller first things first and we have the switch we have the VLANs next with the first thing I do on this on the controller is I would specify that we have virtual interfaces or dynamic IP addresses dynamic interfaces that we can set up and associate with each of our VLANs so here's the here's the play-by-play if we are going to have VLANs 10 or users and VLAN 20 for guests we'd want to have those VLANs created on the switch we do out of trunk to the to the widest then controller and and we'd also want to create on the wireless LAN controller a new interface one for VLAN 20 the guests and one for VLAN 10 and then what we'll do is when we create those wireless networks they're so like VLANs anyway we're gonna associate the interface here on the controller that's a part of that VLAN and that's the link between a wireless ID and the actual VLAN on the local area network so let me show you how to create right out of thin air those interfaces right now so back here at the interface for the wireless LAN controller we're gonna click on controller up here and then on the left we're gonna click on interfaces and I've got a management interface that was part of this initial set up and it's using VLAN 30 so here's here's what that means so here's the WLC it's connected to the switch and this in my experience in my labs and also packet race right this is port 13 on the switch I've configured the switch as a trunk the switch knows about VLANs 10 20 and 30 and when I set this up I told that my management interface is using VLAN 30 here's what that means it means that when I have a this IP address 10.30 0.2 and by the way the the wireless LAN controller in the packet tracer lab all all of its interfaces and in dot 2 so this is going to represent the third the second octet is the same as the VLAN and the last number is 2 for the wireless LAN controller so that means if if the switch has all these VLANs and the switch has interface VLAN 10 and interface VLAN money and interface VLAN 30 so these would all be SV eyes check out check out our other videos on switched virtual interfaces that exist on multi-layer switches and if the address is here were and then I sort of beep in the background we'll go figure out what that was later 10.10 1 and 10.20 0.1 and 10.30 0 that one if those the addresses if this wireless LAN controller did a ping to 10.3 at 0.2 what it would do it would send it out this interface it would also tag it with VLAN 30 that's what that via an identifier means it's gonna tag it this switch receives that 802 dot1q tag of 30 realizes hey this frame belongs to b then 30 and then forwards it and if he's pinging this guy that guy 10 30 0 1 there would be a response and if we looked at that traffic in either direction on this trunk we would see VLAN 30 tag if we created other interfaces like we create interface for VLAN 10 and VLAN 20 here on the widest LAN controller and then we pinged addresses that were in that same VLAN like if we pinged over to this guy right here it would show us a tag going back and forth over this rung clink of VLAN 10 so let's wanna say be show you behind the scenes how important that is packet tracer has a real problem with trunking to this Wireless then controller so I made an adjustment to make sure it still worked in the packet tracer lab but that's like 4 hours of my life not getting back but I'd rather do it and and saw and verify what can or can't be done I so save you the time and the frustration but as that works in a real environment is that we were going to tag so going back if we are gonna have VLANs 10 and VLAN 20 we need to create two more interfaces one for VLAN 10 one for VLAN 20 on the wireless LAN controller and here's how you do it so we're under controller and interfaces and over here on the right and you move my epoch pin over here on the right there's a little button called new I move my face dang ok so there's a little button called new up here in the upper right let's just click on new and then go ahead and put in the interface let's make one for VLAN 10 it's like it's like a virtual interface for the wireless LAN controller that's a switch virtual interface is to ale-8 multipliers what an interface a dynamic interface is here on the wireless LAN controller so we'll call this or users VLAN 10 let's pretend VLAN 10 is our Corp users and then you can put the VLAN ID here and and I'll get my face other way in the upper right hand corner we're gonna click on apply and then we're creating this brand new logical interface so down here and there port number so this interface exists like I'm gonna click on apply I'll come back to this in a moment as far as what port number if you click on ports over here on the left here it shows you your ports that are enabled so I currently have one port which is port number one which is that trunk that's going over to the switch so you want to choose the right port so going back to interfaces I'm not connected what I mean I'm not connected I'm connected alright so I want to go back to this interface used for users on VLAN 10 and I'm gonna specify that it's port number 1 just want to share with you why I was doing that the VLAN identifier is 10 this because I put 10 earlier you could specify the right VLAN interface our tag number here and then you put me I dress so pick an IP address on VLAN 10 whatever that layer 3 subnet is associated do that and put it here so I'm gonna use 10 dot n dot dot - and a 24-bit mask and the Gateway is 10.10 dot I be v6 don't care about and that's just by the DHCP server on my network which is tan tan bat 0.10 by the way these are very similar if not identical to what I did in the packet tracer lab so you'll have a chance to actually practice and work with this yourself if you want to get the hands-on all right and then in the upper right hand corner we I'm gonna go ahead and click on apply and ok and then go back to interfaces and then I've got four users VLAN 10 that's my logical interface that we now have let's go and create one more for VLAN 20 click on new and I will go ahead and type for guests I'm just writing it out here so you'll see you get the correlation this is great logical interface for VLAN 20 which we're gonna use the view then 24 guest traffic we can set put up access control lists and filtering to control them from getting in other places in the network as well so we'll put in VLAN ID 20 here and click on apply in the upper right hand corner just like that all right and then we'll put in the details I only have that one physical interface so great put that there for than 20 and 22 0.2 this is the wireless LAN controllers address on that logical subnet on that logical network so it's gonna be both a SSID eventually when we create the wireless network and it's also associated with the local area network I'm 2 then 20 about 255 dot 255 dot 255 dot 0 is the mask default gateway for that subnet is 10.20 dot 0 dot 10 and the primary DHCP server 10 10 10 also if you want that to work um you want to make sure that you have on your default gateways or those various VLANs you'd want to make sure you have IP helper if you have a centralized DHCP server we've talked about that also previously alright and we'll go ahead and click on apply and say ok to the warning and let's just verify our work I'm gonna go back and click on interfaces one more time and just check my work so I've got my management interface has a tag of 30 my users VLAN is gonna have a tag of 10 and my guest gonna tally with 20 now here's the here's the cool thing when we create the wireless networks for the users and for the guests when we create them we're going to associate those wireless networks with these inman interfaces and these interfaces are associated with the correct VLAN tag and that's how we can associate a wireless network with a local area network and make sure that the same that if that's our intended goal ok oh I got some really cool let me show you something I want what I did earlier if you join me for the packet tracer Labs uh excuse me I get my brain on if you join me for the Kali PI labs where I walk through how to create take a Raspberry Pi with the Kali Linux image and then do packet sniffing I use that today I thought in fact I recorded as a hey I recorded today I'm recording it right now I recorded this capture earlier today and I'm recording this right now it's gonna live premiere here in about an hour and 15 minutes so I'm gonna keep it pretty tight but this is a protocol capture that I did with that Raspberry Pi running Kali Linux on the trunk link between the wireless LAN controller and the switch and so right here this is showing that when I did a ping from 10 1001 to ten 1002 that 10 1001 is the switch virtual interface on the switch and the 10 1002 is an interface I created temporarily or in the wireless LAN controller check out the tag is tagged 10 right there that's at the 802 dot1q tag you point that out right right there and go ahead and clear that off if we go to this bad boy and we did a ping on VLAN 20 it would go ahead and have the 802 that one Q tag of 20 on that link back and forth and if we do that one more time and we go to VLAN 30 the tag is gonna include a 30 as it goes back and forth on that trunk this is the feature that packet tracer in version 7.3 Russia doesn't do but so I have a workaround so you still do the full practice in the lab but I just want to point out that literally that happens also when I was sitting at my virtualized environment with VMware Workstation on my PC and using an addiction that was also like three hours of trying to because my Windows computer inbounds from the switch was eating the tag just gone I thought no no I can si I tried like four or five different ways with four or five different adapters and four or five different settings and if you do all the math on though there's a lot of possible combinations in any event I did find a solution that gets it get working because I wanted to demonstrate this all right so it is they got the capture wanted to share that with you and let me minimize that all right so we have an interface for me than 10 an interface let me than 20 now our next step is do we want to do Triple A or not and if we're gonna do Triple A which means we want this Wireless LAN controller when it gets when Bob tries to authenticate do we want the wireless LAN controller to talk to a triple a server yes or no and based on the topic of this packet tracer lab the answer is yes so we need to setup a wireless LAN controller to tell it that it has a triple a server that running is running radius and we have to specify the port which port is the best one the best port to use it's going to UDP port but the is it yeah I did you DB but it's the best part to use is the one that's agreed upon by both these devices so if they wireless LAN controller says I'm going to use 1812 as I talk to this radius server and the radius server says I'm expecting this Wireless LAN controller to connect and talk to me on 1812 and we've set up a little password so they can successfully talk to each other that's the best pork to use the one that matches on both sides okay so let's let's do that let's set up a wireless LAN can tell the wireless LAN controller about a triple-a server and to do that we back the wireless LAN controller we would go to security and security I'll get my face all the way here on security on the left hand side we have triple-a general radius authentication so you just go down that menu on the left select authentication and here's where you would add a server so I did that i added a server but if you want to add a new server you click on click on new upper right hand corner and simply put in the IP address as far as the secret this is the secret that's gonna be used between the wireless LAN controller and the triple-a server so both sides have to match on that you can specify it ASCII or hex just make sure you do it similar on both sides they both can understand and talk to each other then you specify the shared secret this is to make sure that's not anybody can talk to your Triple A server via radius say hey this is a good password because I hacker would love that a hacker could just like ask your Triple A server over and over again you can't go through a whole dictionary of passwords and usernames and and get responses you know that works so you want to make sure that you're only allowing inbound requests with authentication from the from the Triple A clients like wireless LAN controllers that you specify all right anyway and there's the there's the default port number that this Wireless LAN controller wants to use 1812 alright alright so if we had a triple-a server we'd want to make sure that we set the triple a server with that same information that we're expecting incoming requests from this wireless LAN controller on port 1812 with the correct secret ok so we've already got one set up so I'm gonna go back to authentication there it is now next if we want a wireless local area network we need to create one so I've got one in place but let me just walk you through yeah let me walk you through the creation of a new one so what we do is go to wireless LANs here in the upper right and over here on the right now I'm gonna put my face back in hey there I am right here there's an option for disable enable remove so we're gonna with create new selected we'll click on go that'll create a brand new wireless network and what do we want a way on wireless LAN or remote LAN so I'm gonna go for wireless LAN and let's call this let's think it for our users so our users are in VLAN 10 so we'll call this Corp Wi-Fi how about that Corp Wi-Fi and the SSID will call it Corp Wi-Fi so when users are looking for wireless networks assuming we're broadcasting this SSID they'll say hey there's a wireless network called Corp Wi-Fi and they can click on it and then go ahead and put in their authentication with whatever we require and they're good to go and then we'll go ahead and the upper right-hand corner way over here on the right we'll click on apply ok so now we have this new Corp Wi-Fi network and now it's our opportunity to put in the details it's not enabled by default so we can click on enable but it it's probably a good idea to do all the security and then come back and specify we want it enabled so let's go down here interface so what if you have radio like what do you want for this Wi-Fi network what frequencies do you want to use you can specify that and then only those frequencies will be used for that Wi-Fi network interface groups this is how we link the SSID of in this case Corp Wi-Fi to a specific VLAN so if we want the corporate users to be in VLAN 10 we select VLAN 10 here and then as their traffic comes in through the control through the access point to the controller and then forward it out to the network through the controller it's going to have those VLAN 10 tags we associate VLAN 10 and that's how that works that's the link between a Wi-Fi SSID and a wireless LAN controller and the local area network and the VLAN there alright so I'm gonna go and save users for VLAN 10 then we'll click on security and then what kind of security dude we're going to use wpa2 or better would be ideal so I'm packet tracer they very much limit what's here but we'll do wpa2 and then if we scroll down a little bit it has a lot of really cool options here I'm gonna use wpa2 policy and AES right we scroll down 802 dot 1 X is enabled what this is referring to here is how do we want to authenticate the user do we want to send the request or Bob the user and his credentials over to the Triple A server via radius or that's what that's what this means here with data to the One X or do we want to go ahead and use a pre-shared key in which case we would just put the pre-shared key right here in ascii or hex format and then the user would have to know that pre-shared key so because we've got a triple-a server that we've identified let's use it so I'm gonna go ahead and remove PSK look back on a tour 2.1 x for the authentication and and let's go over here triple-a servers to make sure we're gonna use the triple-a server which is really important so we specified under security that we had a triple-a server and it's here under triple-a servers for this SSID for this wireless network that we're gonna specify what server that is we're gonna use so here it shows up from the list because we put it there earlier or I did with security and we can check all of our parameters I think they'll do it and then in the upper right hand corner we have the button for apply and I didn't enable it so I'm gonna click on enabled and then click on apply alright so there we've got one VLAN or one additional wireless network that we just created we go back to wireless networks here we have Corp Wi-Fi our Wi-Fi let's create one more it's open the upper right hand corner we'll just go ahead are up here look not quite all the way up to the right we'll click on create new and we'll call this one guest Wi-Fi which is gonna be VLAN 20 I believe so we'll call this guest and I think I need to be careful with my syntax here all right and then apply it and then we'll simply go ahead and same thing so I'm gonna enable it as far as security goes I'm going to go ahead and simply say I don't want to use a torch at 1x I want to use a pre-shared key we could put the pre-shared key right here I'm gonna use capital C is co c is e o with kapil C exclamation mark two three and and click apply' up here in the upper right and it's enabled or security WPA and pre shared key fantastic art wpa2 specifically all right so I'll click on apply again just because I'm paranoid and then we'll go back to wireless lans and there we have it we have two wireless local area networks that are now being advertiser will be advertised once we have access points associate with this Wireless that controller or the Corp Wi-Fi they're going to have to authenticate with a username and password and that's going to be checked on the backend with triple a server or individuals from the guest network they do not have to have authentication with the triple a server but they do only have to have the pre shared key and that's how we set it up so I wanted to walk you through the setup of how to make this all work how to link the Triple A pieces together with the controller and now having said that let's do this is there something else yeah so in the in a live interface it's fantastic this is the packet tracer lab that I mentioned a moment ago and here is where I'm going to give you a couple tips and yeah let me start off with a couple tips so if I as I look at it network like this in packet tracer especially a new network I would read the instructions and say okay where is stuff and as far as where stuff is here's where stuff is this is a server it's running DHCP it's running and it's running DNS and it's running web services and what else is it doing oh it's also acting as a triple-a server all courtesy of packet tracer it's fantastic so you just go into the server and tailor the details there this wire and it's address is 10.30 0 10 yep right there no ok the wireless LAN controller over here has the IP address of 10 3002 so to manage it you get on a PC assuming that PC has connectivity to the network and you'd open up a browser HTTPS on : whack-whack and you can go to the IP address of the wireless LAN controller which is ten thirty zero two or you can go to WL c as WL see i put an a record on this DNS server Mike I'll resolve it seeking type a little bit less and you can go right there and it'll open up with HTTPS and so okay so those are some tips the passwords always gonna be capital C is e o exclamation mark 2 3 so here's the objective for this troubleshooting lab I thought to myself yesterday when I was putting most of this together and now it's filming it now it's a little bit before the premiere how do I effectively then go back to the victory how do I effectively share with somebody who's fairly new to a wireless LAN controller like first of all where stuff is and then how to troubleshoot it and the answer is well is show it show them I said to myself Keith show them on a live gear the live wireless LAN controller with a real switch in the trunking and how it works walk them through creating a couple interfaces associate with write VLANs show them some captures with the tagging involved so they can really see how those are knit together from the the trunk between the switch and the wireless LAN controller and then walk them through creating a couple wireless networks so those specific tasks virtually all those you can do also inside of packet tracer and so instead of just having to build if you want to build a wireless LAN controller from scratch and packet tracer check out the other video in the master playlist which is all about from the ground up building a whole new wireless LAN controller and making it work all the steps are there but in this one I thought I'd inject triple-a as well I've shown you where to go to look at it and how to set it up and also what I like to do is in the packet tracer lab let me demonstrate where we would go to verify that as well so let me move that other way so on the server please click on it if you're not familiar with packet tracer yet it's a wonderful free tool from Cisco just go to netacad comm sign up with a free account download it and I'm using 7.3 for this video so if you want to download the lab file from here from the Keith Barker calm and against right here if you want to download it this one download that make sure you have the software from Cisco and enjoy have fun so to work with these services on this server if you could use just if we could have config you can verify its IP address not a bad idea this is a troubleshooting lab by the way so there could be minor issues minor with the network there could be minor issues with various things so a lot the opportunity to practice in the wireless LAN controller and everywhere else on the network just to find the problems and solve the problem step by step so it has the right address and if we go to services and click on HTTP it's got web services running I'd like to thank Dan the layer 1 man for helping me with a customized packet tracer web server to make a little bit more fun if we could like to the desktop on this I'm on the server itself we go to our self which is 127 dot 0 dot 0 dot 1 so 1 2 it once y 7 0 0 1 is a loopback address it's a it means me every every device on the planet thinks oh that's me so I'm just going to the local server and so I Dan help me set this up it so fans punt that fantastic very very very very fun alright so anyway so it has the service running for DHCP alright each web services as DHCP services running it has pools for each of the three networks the 10 to 20 to 30 networks it's got DNS running there's an a record for WLAN controller and also for the Keith Barker comm which is one of our objectives to have the wireless clients connect to the Keith Parker comm there's triple a set up right here as well so this Wireless this Triple A server this radius server knows about the client at 10:30 0 2 that's the wireless LAN controller it also has a couple usernames Bob and Louis their password right here playing text to make it easier and that's the server itself to work with this Wireless LAN controller what we need to do is go to a PC and you can all see that from the server it has reach ability to but and go to the desktop and go to web browser and go to http : wack wack WLC all right yeah we're not getting there from here so we might try and try it from the server and go to the desktop and any any computer in his in storm right so let's go to H HTTP colon whack whack WLC Oh huh it's not working either well hopefully you'll figure it out because it would be really awesome to troubleshoot this so there are some basic connectivity problems as well and here's what I would encourage you to do a couple things I would do is for these links to have a clue and troubleshooting this makes a little faster I prefer to go to options excuse me view I take it back options and preferences and then I like to show port labels so I know which ports I'm looking at and also up here show link lights to get a clue about what the heck is going on with these devices so I can see right here between the wireless LAN controller and the multi-layer switch they're red and I can see the link up here between the APS and the switches they're red and so red means is down and that would be some of the first things I'd want to fix before you go any further fix the network before we start tweaking and working with the wireless network make sure the infrastructure is solid and then start working on the wireless network and to do that I would suggest you can just do it from right here from this PC connect over to the wireless LAN controller once it's functioning and the goal is this the goal is to get this employee device which is going to use the corp Wi-Fi network be able to open a browser to that's the real one maybe back up to this the keith barker comm which is the webserver running here that means dns is working the wireless is working life is good and then for this guest device it also should associate with an AP it doesn't matter if it's this one or this one any AP in the storm is they're both supporting they're built they both should support both Wi-Fi networks this guest device with a pre shared key be able to connect and then once it's connected to the Wi-Fi network be able to successfully access that server at keithbower.com all right that is the objective for your lab and I am going to leave it at that I discovered that people can watch a lot of videos and they can have a lot of fun and by George on this channel my goal is to give you some fun I like fun and I do I enjoy networking I get a kick out of it I also realize in a very significant way that the best learning that's going to happen for you is to get hands-on practice so I leave this lab in your capable hands the Keith Barker comm is where you can download it launch it login with your Cisco account so to let you run it and then troubleshoot it and if when you troubleshoot it if you taken the time to actually do it and you have success where both clients can access the Keith Barker comm website instead of packet tracer leave me a comment on this video saying I did it and you don't need to leave a time stamp like I did it in ten minutes or I did it in four hours or it took me five tries you don't have to you're welcome to put anything you want I'm always interested in your success my key is I would love to see you practice and practice and practice and get better and better with it because if you do this lab if you work through it using the tutorial we did at the beginning of this video you'll have hmm I would say like 95% of what you need to know of what Cisco is asking you regarding wireless or your CCNA and that's my intent I intends to have you study learn get better and also check this out it's fun because when you go into a production environment and you're troubleshooting something you're gonna find it very comforting say oh I know where to look like is the Triple A server information wrong or is the virtual IP address or the dynamic IP interface is it not configured correctly does it have the wrong tag etc or is it not so is it not trunk to the switch correctly all those things because you've practiced with it it's great oh oh oh ah don't leave yet let me talk about one other thing I did to make this lab work and here it is the trunking from the actual packet tracer multi-layer switch to the wireless LAN controller if you if you trunking is doing the tags those tags aren't processed correctly by the wireless LAN controller so what I did was the switch is trunked the switch is trunked / - let me let me just verify this let me verify this with you I've got the lab open yeah I've got the lab open and I'm not afraid to use it so let's let's just verify real quick on the multi-layer switch that I want this to be a stumbling block for you this is the multi-layer switch show run and let's go up to interface 13 okay so here's what I did I made it a trunk because I wanted to reinforce on your mind the fact that you need a trunk going to a rail wireless that controller so it's got honking is on oh and if you're looking for one of the problem if you're looking for one of the problems this might be one of them I don't know shut down parts but I made the native VLAN VLAN 30 and the reason I made the native VLAN VLAN 30 is because when the switch sends out frames for VLAN 30 it won't tag them and so on the on the wireless LAN controller I've got my management interface with no tagging and that makes this work so that it that's a cheated a little bit there to make it function also there's a couple other things behind the scenes they had to be a little bit fudged to make this packet restore that work but I've sorted all that out my goal is to have you practice practice practice and have a lot of fun with it and get better and better with it so I wish you the best of luck with this lab let me know how you do if you would like a walkthrough of solving this because I made it I put in the problems it's gonna be pretty easy for me to identify what they are however if you'd like me to do a walk-through as a short video or hello ever long it takes to do that walkthrough of solving it just leave me a note and if there's a lot of people say yeah I'd love to see a walkthrough great I'd be happy to do it it would be fairly easy to do alright so with that I'll see you in the next live event also after the premieres of these videos we often join up in the discord server in fact let me know tell you about that on the discard server I mentioned it in the in the in these streams and say hey afterwards after the premiere when its first launched we jump in the discard server and we do a voice chat and I had I've had more than one person tell me yeah I got in the discord server and I saw there was chat rooms but I didn't realize how to you know where it where the voice stuff was happening and let me show you where that is so this is the discord server and here right there there it is so I'll put a link in the description below for this video jump on the discord server and the discord server I'd like to thank my at the admins on there by the way which are Trevor and Kelvin they're amazing and what you do is you go to the discord server click on it that's the logo right there for it and then voice channels CCNA voice chat right there which which I just joined I will go ahead and exit out of that but you just click on CCNA voice chat and you are there you are with us and you just mute your mic if you're not talking to cut background noise if you want to talk talk and we use hangout for sometimes quite a while and you shall I say hi for a few minutes we'd love to have you as well but I want to make sure everybody knew where it was alright thanks everybody I'll see you in the very next live event wherever that might be until then have a great day and be well bye [Music]
Info
Channel: Keith Barker
Views: 17,741
Rating: 4.966527 out of 5
Keywords: ccna, cisco, 200-301, Cisco CCNA, Cisco Certification, ogit, Keith Barker, 200-301 ccna, 200-301 cisco, 200-301 videos, 200-301 ccna certification, 200-301 study, networking, cisco ccna 200-301, cisco ccna certification, cisco ccna training, cisco wlc tutorial, cisco wlc configuration, cisco wlc setup, Cisco WLC, wlc, wireless, cisco wireless, WLAN, wlan wifi, wifi, wireless lan, packet tracer, wireless lan controller, Packet Tracer
Id: obXEXPADTCQ
Channel Id: undefined
Length: 44min 25sec (2665 seconds)
Published: Sat May 02 2020
Related Videos
Note
Please note that this website is currently a work in progress! Lots of interesting data and statistics to come.